Digital Forensics and Cyber Crime. 10th International EAI Conference, ICDF2C 2018, New Orleans, LA, USA, September 10–12, 2018, Proceedings

Research Article

Multi-item Passphrases: A Self-adaptive Approach Against Offline Guessing Attacks

  • @INPROCEEDINGS{10.1007/978-3-030-05487-8_11,
        author={Jaryn Shen and Kim-Kwang Choo and Qingkai Zeng},
        title={Multi-item Passphrases: A Self-adaptive Approach Against Offline Guessing Attacks},
        proceedings={Digital Forensics and Cyber Crime. 10th International EAI Conference, ICDF2C 2018, New Orleans, LA, USA, September 10--12, 2018, Proceedings},
        proceedings_a={ICDF2C},
        year={2019},
        month={1},
        keywords={Offline guessing attacks, Self-adaptive, Authentication, Passphrases},
        doi={10.1007/978-3-030-05487-8_11}
    }
    
  • Jaryn Shen
    Kim-Kwang Choo
    Qingkai Zeng
    Year: 2019
    Multi-item Passphrases: A Self-adaptive Approach Against Offline Guessing Attacks
    ICDF2C
    Springer
    DOI: 10.1007/978-3-030-05487-8_11
Jaryn Shen1,*, Kim-Kwang Choo2,*, Qingkai Zeng1,*
  • 1: Nanjing University
  • 2: University of Texas at San Antonio
*Contact email: jarynshen@gmail.com, raymond.choo@fulbrightmail.org, zqk@nju.edu.cn

Abstract

While authentication has been widely studied, designing secure and efficient authentication schemes for various applications remains challenging. In this paper, we propose a self-adaptive authentication mechanism, , which is designed to mitigate offline password-guessing attacks. For example, “11th July 2018, Nanjing, China, San Antonio, Texas, research” is a multi-item passphrase. It dynamically monitors items and identifies frequently used items. Users will then be alerted when there is need to change their passphrases based on the observed trend (, when a term used in the passphrase consists of a popular item). We demonstrate the security and effectiveness of the proposed scheme in resisting offline guessing attacks, and in particular using simulations to show that schemes based on multi-item passphrases achieve higher security and better usability than those using passwords and diceware passphrases.